Cryptocurrency Users Targeted by Malware Disguised as TradingView Crack
Cryptocurrency users have been targeted by a sophisticated malware campaign disguised as a cracked version of the popular trading platform TradingView. This malicious software, distributed through Reddit posts, aims to steal personal data and cryptocurrency wallet information from both Mac and Windows users. The scammers lure victims by offering free access to TradingView, claiming that the software has been cracked to unlock premium features. These posts are found on subreddits frequented by cryptocurrency traders, where the scammers post links to installers that are laced with Lumma Stealer and Atomic Stealer (AMOS) malware.
The malware is distributed through links hosted on an unrelated website, which belongs to a Dubai cleaning company. This website is running an outdated PHP version, making it vulnerable to exploitation. The files are double-zipped and password-protected, a tactic used to evade security scanners. On Mac, the installer is a new variant of AMOS, which checks for the presence of virtual machines and exits if one is detected. The malware exfiltrates user data via a POST request to a server hosted in the Seychelles. On Windows, the payload is loaded via an obfuscated BAT file that runs a malicious AutoIt script, with the command and control server registered in Russia.
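The double-zipped, password-protected packaging described above can itself be treated as a detection signal at a download or mail gateway. The following is an added example, not code from the original article or from any vendor it mentions: the function names, size limits and sample archive are assumptions made for illustration, and the sample is constructed in memory with only the encryption flag set.

```python
import io
import zipfile

ENCRYPTED = 0x1            # general-purpose flag bit 0: entry needs a password
MAX_DEPTH = 4              # stop descending into deeply nested archives
MAX_MEMBER = 50 * 1024**2  # do not unpack members larger than this

def scan(data, depth=0, prefix=""):
    """Return (deepest nesting level reached, [paths of encrypted entries])."""
    deepest, locked = depth, []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            path = prefix + info.filename
            if info.flag_bits & ENCRYPTED:
                locked.append(path)      # contents are opaque to a scanner
                continue
            if depth >= MAX_DEPTH or info.file_size > MAX_MEMBER:
                continue
            member = zf.read(info)
            if zipfile.is_zipfile(io.BytesIO(member)):
                sub_depth, sub_locked = scan(member, depth + 1, path + "/")
                deepest = max(deepest, sub_depth)
                locked += sub_locked
    return deepest, locked

def is_suspicious(data):
    """Flag the packaging pattern: a ZIP inside a ZIP with locked content."""
    deepest, locked = scan(data)
    return deepest >= 1 and bool(locked)

def make_zip(name, payload):
    """Helper for the constructed samples: one stored entry in a new ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()

def build_sample():
    """Constructed sample: outer ZIP holding an inner ZIP marked as encrypted."""
    inner = bytearray(make_zip("installer.bin", b"constructed placeholder"))
    header = inner.rfind(b"PK\x01\x02")  # central directory record
    inner[header + 8] |= ENCRYPTED       # set the flag only; data is not encrypted
    return make_zip("inner.zip", bytes(inner))

if __name__ == "__main__":
    print(scan(build_sample()), is_suspicious(build_sample()))
```

A hit on this check says nothing about what the archive contains; it is a reason to quarantine the file or route it to manual review, since the scanner cannot see inside.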
Victims of this malware have reported that their crypto wallets were emptied, and their identities were impersonated to send phishing links to their contacts. This campaign highlights the ongoing threat of cracked software containing malware, despite decades of warnings. The scammers are actively engaged in the Reddit threads, posing as helpful users to assist victims and encourage downloads. To stay safe, users should be wary of instructions to disable security software, password-protected files, and files hosted on dubious online platforms. Malwarebytes offers protection against both Mac and Windows payloads, helping to keep threats off devices.
This incident underscores the importance of vigilance among cryptocurrency users. The lure of free or cracked software can be tempting, but the risks are significant. Users must be cautious about downloading software from unknown sources and should always verify the legitimacy of any software they intend to install. The use of reputable security software and staying informed about the latest threats can help protect against such malicious campaigns. Cryptocurrency users should also be aware of the tactics used by scammers, such as posing as helpful users in online forums, and should avoid engaging with suspicious links or downloads.
